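# NixOS host configuration for the machine "m3-nix": NVIDIA PRIME boot
# specialisations, GRUB/EFI boot with a LUKS keyfile in the initrd,
# a WireGuard full tunnel, Avahi, Steam and Nix daemon settings.
{ config, pkgs, lib, ... }:
let
  # Wrapper that runs the given command with the environment variables for
  # NVIDIA PRIME render offload set. writeShellScriptBin writes the interpreter
  # line itself, so the body carries no shebang of its own.
  nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
    export __NV_PRIME_RENDER_OFFLOAD=1
    export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
    export __GLX_VENDOR_LIBRARY_NAME=nvidia
    export __VK_LAYER_NV_optimus=NVIDIA_only
    exec "$@"
  '';
in
{
  imports = [
    ./hardware.nix
    ./hardware-configuration.nix # Include the results of the hardware scan.
    ../common/users/m3tam3re
    ../common/base
    ./services
  ];

  # Boot-menu variants of this system. Both are declared in one attribute set
  # so that the full list of specialisations is visible in a single place.
  specialisation = {
    # External monitor only: PRIME offload and fine-grained power management
    # are forced off (the base values are presumably set in ./hardware.nix).
    external-display.configuration = {
      system.nixos.tags = [ "Externer-Monitor" ];
      hardware.nvidia.prime.offload.enable = lib.mkForce false;
      hardware.nvidia.powerManagement.finegrained = lib.mkForce false;
    };

    # Internal plus external monitor: same as above, with PRIME sync forced on.
    dual-display.configuration = {
      system.nixos.tags = [ "Dual-Monitor" ];
      hardware.nvidia.prime.offload.enable = lib.mkForce false;
      hardware.nvidia.prime.sync.enable = lib.mkForce true;
      hardware.nvidia.powerManagement.finegrained = lib.mkForce false;
    };
  };

  # Bootloader.
  # boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.efi.efiSysMountPoint = "/boot/efi";
  boot.loader.grub.enable = true;
  boot.loader.grub.efiSupport = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "nodev";
  boot.loader.grub.useOSProber = true;

  hardware.tuxedo-keyboard.enable = true;
  boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
  boot.kernelModules = [ "v4l2loopback" ];
  boot.kernelParams = [
    "tuxedo_keyboard.mode=0" # https://github.com/tuxedocomputers/tuxedo-keyboard#kernelparam
    "tuxedo_keyboard.brightness=255"
    "tuxedo_keyboard.color_left=0xff0a0a"
  ];

  # Setup keyfile
  # A null value copies /crypto_keyfile.bin from the running system into the
  # initrd. The LUKS key is therefore only as protected as the place where the
  # initrd is stored.
  # NOTE(review): confirm that /boot lives inside the encrypted volume; an
  # initrd on an unencrypted partition would expose the key.
  boot.initrd.secrets = {
    "/crypto_keyfile.bin" = null;
  };

  # kvm_intel nested=1 enables nested virtualisation; kvm ignore_msrs=1 makes
  # KVM ignore guest accesses to MSRs it does not handle. Both widen what a
  # guest can reach in the hypervisor, so keep them only while they are needed.
  boot.extraModprobeConfig = ''
    options kvm_intel nested=1
    options kvm_intel emulate_invalid_guest_state=0
    options kvm ignore_msrs=1
    options v4l2loopback exclusive_caps=1 max_buffers=2
  '';

  boot.initrd.luks.devices."luks-a7b1ba69-0951-4347-886e-4c0c24c2b871".keyFile = "/crypto_keyfile.bin";

  networking.hostName = "m3-nix"; # Define your hostname.
  # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.

  # Attach the netbios-ns connection-tracking helper to outgoing UDP/137, so
  # that replies to NetBIOS name queries are matched to the request.
  networking.firewall.extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns";

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  # Enable networking
  networking.networkmanager.enable = true;

  # WireGuard full tunnel: allowedIPs covers all IPv4 and IPv6 destinations.
  networking.wg-quick.interfaces = {
    wg0 = {
      address = [ "10.8.0.3/24" ];
      privateKeyFile = "/root/wg/peer_m3-nix/privatekey-peer_m3-nix";
      # NOTE(review): the resolver is outside the 10.8.0.0/24 tunnel subnet and
      # is reachable only through the catch-all allowedIPs; confirm the address.
      dns = [ "10.88.0.1" ];
      peers = [{
        publicKey = "Il/nVlX2qzmZMJQ8QAKN+uQdkcK66Wt7MWZn9Vku6Tg=";
        # Read the preshared key from a root-only file rather than from an
        # inline `presharedKey` string: an inline value is copied into the
        # world-readable /nix/store and into version control. A key that was
        # ever committed inline must be treated as disclosed and regenerated
        # on both peers.
        # PLACEHOLDER path: create this file (owner root, mode 0600) or point
        # the option at wherever the key is actually kept.
        presharedKeyFile = "/root/wg/peer_m3-nix/PLACEHOLDER-presharedkey";
        allowedIPs = [ "0.0.0.0/0" "::/0" ];
        endpoint = "wg.lanakk.com:51820";
        persistentKeepalive = 25;
      }];
    };
  };

  # mDNS/DNS-SD: with these publish options the host announces its addresses,
  # a workstation record and user services to the local network. On a machine
  # that joins untrusted networks, consider switching publishing off.
  services.avahi = {
    enable = true;
    nssmdns = true;
    publish = {
      addresses = true;
      workstation = true;
      userServices = true;
    };
  };

  # Both openFirewall switches open inbound ports in the host firewall; turn
  # off whichever of Remote Play / dedicated server is not in use.
  programs.steam = {
    enable = true;
    remotePlay.openFirewall = true;
    dedicatedServer.openFirewall = true;
  };

  time.timeZone = "Europe/Berlin";
  i18n.defaultLocale = "de_DE.utf8";
  console.keyMap = "de";

  environment.systemPackages = [ nvidia-offload pkgs.neovim ];

  nix = {
    settings = {
      # Single definition of experimental-features. A second line added through
      # nix.extraOptions is appended to nix.conf after this one and, as far as
      # the nix.conf rules go, would override it and drop "flakes".
      experimental-features = "nix-command flakes";
    };
    gc = {
      automatic = true;
      options = "--delete-older-than 30d";
    };
    optimise.automatic = true;
  };

  # Permits packages with unfree licences (the NVIDIA driver and Steam are unfree).
  nixpkgs.config.allowUnfree = true;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "22.11"; # Did you read the comment?
}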